[Git][security-tracker-team/security-tracker][master] libwebsockets spu

Moritz Muehlenhoff (@jmm) Wed, 05 Nov 2025 11:23:05 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
31a6310c by Moritz Mühlenhoff at 2025-11-05T20:21:15+01:00
libwebsockets spu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -5217,9 +5217,13 @@ CVE-2025-11679 (Out-of-bounds Read in 
lws_upng_emit_next_line in warmcat libwebs
        NOTE: Fixed in: 
https://libwebsockets.org/git/libwebsockets/commit?id=7df24cca7144d7bc9233b6b0a71108bd154ce101
 CVE-2025-11678 (Stack-based Buffer Overflowin lws_adns_parse_label in warmcat 
libwebso ...)
        - libwebsockets 4.3.5-3 (bug #1118746)
+       [trixie] - libwebsockets <no-dsa> (Minor issue)
+       [bookworm] - libwebsockets <no-dsa> (Minor issue)
        NOTE: 
https://libwebsockets.org/git/libwebsockets/commit?id=2bb9598562b37c942ba5b04bcde3f7fdf66a9d3a
 CVE-2025-11677 (Use After Free in WebSocket server implementation in 
lws_handshake_ser ...)
        - libwebsockets 4.3.5-3 (bug #1118747)
+       [trixie] - libwebsockets <no-dsa> (Minor issue)
+       [bookworm] - libwebsockets <no-dsa> (Minor issue)
        NOTE: 
https://libwebsockets.org/git/libwebsockets/commit?id=2f082ec31261f556969160143ba94875d783971a
 CVE-2025-10678 (NetBird VPN when installed using vendor's provided script 
failed to re ...)
        NOT-FOR-US: NetBird VPN


=====================================
data/next-point-update.txt
=====================================
@@ -81,3 +81,7 @@ CVE-2025-23345
        [trixie] - nvidia-graphics-drivers-tesla-535 535.274.02-1~deb13u1
 CVE-2025-11568
        [trixie] - luksmeta 9-4+deb13u1
+CVE-2025-11678
+       [trixie] - libwebsockets 4.3.5-1+deb13u1
+CVE-2025-11677
+       [trixie] - libwebsockets 4.3.5-1+deb13u1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31a6310c086b9810b7983c9c45e7e7953311ef82

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31a6310c086b9810b7983c9c45e7e7953311ef82
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] libwebsockets spu

Reply via email to